Vulnerability Scanning

Proactive, cost-effective security with a business focus
 

external Scanning

External scanning is designed to identify vulnerabilities in publicly accessible systems and susceptibility to attack from the Internet.  This approach represents attacks targeting your organization from the Internet such as an external “hacker” or a worm.  These types of attacks can occur at any time and can come from virtually any IP address.  In fact, the attacker doesn’t even need to know who you are.  You could simply have a vulnerability that the attacker stumbled upon during a broad ranging scan.  During this phase of the assessment, NWN will perform:


-Public Database Searches – NWN will search publicly accessible sources for information about the target environment.  These include ARIN searches, whois lookups, DNS queries and “Google hacking”.  This phase of the assessment is designed to identify information accessible to an attacker that would facilitate future attacks.

-Ping Sweeps – NWN will use a variety of ping and ping-like techniques to identify IP addresses associated with “live” systems and to begin to identify target firewall filtering techniques.

-Port Scanning – NWN will scan target systems to identify which TCP and UDP ports are unfiltered and listening. 

-Enumeration & Banner Grabbing – NWN will scan target systems in an attempt to identify their operating system, any applications they may be running and any version information.

-Vulnerability Scanning – To complete this assessment component, NWN will use vulnerability scanning tools to identify indications that a system is vulnerable to any of a large database of known attacks.  Note: During this testing NWN will not attempt to exploit vulnerabilities.

internal Scanning

Internal scanning is designed to identify vulnerabilities in internally accessible systems and susceptibility to attack from sources within the Customer’s network.  This could represent an attack by a “trusted” insider (employee or contractor) or an attack by an outside entity that has managed to gain access to an internal system.  During this phase of the assessment, NWN will use tools and techniques similar to those used for external scanning to identify indications that a system is vulnerable to any of a large database of known attacks.


There is a common aspect to all external testing.  NWN performs these tests without access credentials or information about the target environment other than a list of target IP address.  This approach allows NWN to emulate an attack by an external “hacker”.  Also, vulnerability scanning does not involve attempts to exploit identified vulnerabilities to verify or validate the results.  If comprehensive validation of this nature is required, penetration testing should be performed.

As part of its suite of security services, NWN performs both internal and external vulnerability scanning; both of which play a critical role in determining the overall state of client security.